Comment 12 for bug 1890672

Don Bowman (donbowman) wrote :

OK, can I at least assume that shim is not required? That was my main issue.
I wanted a single unencrypted file (grub + initramfs by another name :), and my chain of trust.

That is the key for me: if there is a requirement to only use shim and the Microsoft keys, I'm in trouble.

If it's simply that Canonical doesn't test w/o shim, that's OK. But it seems empirically that shim is now a hard requirement, since the valid signed kernel no longer validates w/ this patch of grub.

I guess also, to the original bug from the original author here, perhaps removing the no-longer-supported option from the grub doc would be good? The set check_signatures=no